I presently own an Apple Time Capsule, and have been wondering why no one has rooted this device yet (kind of). There seems to be plenty of potential for this device but nobody has shown any interest in rooting. I currently located the FW image and a signature file while messing around with the Airport Utility, but I am not sure if the FW image is encrypted, compressed, or both along with the signature file. Viewing the two files in a hex editor did not reveal much other than a string in the .basebinary file saying Apple Firmware. I am wondering what would be next logical step to getting this device rooted.

Secondly, I thought a way to view the FW would be to see if the file is decrypted/uncompressed when the firmware is uploaded to the Time Capsule but I have no idea how I would view something like that while the Airport Utility is uploading the firmware. Maybe use a program like "memorize" to view the contents of the memory on the system that is uploading the FW?

Anyways, this is something I am really interested in, and if anyone has any thoughts please let me know.

you can check its entropy for a basic sense if its packed\compressed\encrypted.. but you might want to calculate the entropy for parts of the file separately.

you could reverse the firmware loader just as well to see if its encrypting\decrypting etc... but bare in mind there's a possibility to have a OTP (one time programmable)chip to decrypt(and verify signature) the image while its being loaded by the device, but in that case it's most likely the signature would be embedded in the firmware base file...

i don't know the apple time capsule but most apple stuff is too expansive to hack while there are other available devices that have the same hardware but for a better price.
if you only want to hack it, use a cheaper manufacturer with apple you pay a lot for the software, GUI and brand...

I'd be interested to hear how it goes, feel free to contact me by email for updates and more questions..